IN THE CLAIMS 

Please cancel claims 18-22 and amend claims 1-17 and 23-30 as follows: 

1. (Currently Amended) A method for controlling access to credential information, the
method comprising: 

requesting, by a delegate with a delegation from a delegator, a service from a relying party;

determining a credential requirement based on a type of the service requested; 

requesting, by the relying party based on the [[service requested]] determined credential
requirement and the delegation, credential information from a delegate credential service 
provider; 

sending, by the delegate credential service provider, the credential information to the 
relying party; 

generating, by the relying party, a service response according to the credential 
information received from the delegate credential service provider; and 
sending the service response to the delegate. 

2. (Currently Amended) The method according to claim 1, wherein said credential 
information contains credential information about for the delegator. 

3. (Currently Amended) The method according to claim 2, wherein said requesting 
delegated credential includes [[comprises]]:

generating a credential information request based on the service requested and the
delegation; 

sending the credential information request to the delegate for an approval that authorizes 
the credential information request; 
receiving the approval from the delegate; and
sending the approved delegated credential request to the delegate credential service provider. 

4. (Currently Amended) The method according to claim 3, wherein: 

sending the credential information request to the delegate includes sending a request for 
information related to an appropriate delegation; and 

receiving the approval from the delegate includes receiving the information related to an 
appropriate delegation. 

5. (Currently Amended) The method according to claim 1, wherein said sending the 
credential information includes [[comprises]]:

verifying the delegation registered by the delegate and delegator; 
retrieving credential information associated with the delegation; and 
forwarding the retrieved credential information to the relying party. 

6. (Currently Amended) The method according to claim 1, further including comprising:
subscribing, by the delegate and the delegator, a digital credential service from a credential 
service provider. 

7. (Currently Amended) The method according to claim 5, further including comprising 
registering, by the delegator, the conditions under which pieces of the credential information can 
be released to relying parties. 

8. (Currently Amended) A method for verifying credential information by a relying party, 
the method comprising:

receiving, from a delegate, a request for a service; 

determining a credential requirement based on a type of the service requested;

sending a credential information request based on the determined credential requirement 
to a delegate credential service provider;

receiving requested credential information from the delegate credential service provider; 
verifying the credential information; 

generating a service response based on the results from the verifying and the request for 
the service; and 

sending the service response to the delegate. 

9. (Currently Amended) The method according to claim 8, wherein said sending the 
credential information request includes [[comprises]]:

[[determining the credential information required for the services requested;]]
generating the credential information request based on the [[credential required]];
sending the credential information request to the delegate to obtain an approval; 
receiving the approval from the delegate; and 

sending the credential information request to the delegate credential service provider. 

10. (Currently Amended) The method according to claim [[9]] 8, further comprising 
including:

determining, using the credential required, an appropriate delegation
based on which [[the credential information request is constructed]].

11. (Currently Amended) The method according to claim 10, wherein said determining the
appropriate delegation includes one of: 

obtaining the appropriate delegation specified in the request for service sent by the 
delegate; 

selecting the appropriate delegation by the delegate upon receiving the credential 
information request; [[and]] or 
verifying the appropriate delegation by the delegate credential service provider.

12. (Currently Amended) A method for controlling access to credential information by a 
delegate credential service provider, the method comprising: 

receiving a service request; 

determining the service type based on the service request; 

determining a credential requirement based on the service type of the service request; 

registering, if the service type is for subscribing a digital credential service, a user's 
credential information for requested digital credential service based on the determined credential
requirement;

registering, if the service type is for delegation service, a delegation between a delegator 
and a delegate, the delegation including delegation terms; 

changing, if the service type is for updating an existing delegation, the terms of an 
existing delegation; and 

providing, if the service request is a credential information request from a relying party 
for credential information required for a service requested by a delegate, credential information. 

13. (Currently Amended) The method according to claim 12, wherein said changing the 
terms of a delegation includes [[comprises]]:

receiving, from a user, revised delegation terms; and 

updating the terms of the existing delegation using the revised delegation terms. 

14. (Currently Amended) The method according to claim 12, wherein said providing 
delegated credential includes [[comprises]]:

retrieving the requested delegated credential; and 

sending the retrieved delegated credential to the relying party. 

15. (Currently Amended) The method according to claim 12, further comprising:
registering by the delegator the conditions under which [[pieces]] a portion of the credential
information can be released to relying parties; and

determining, prior to the retrieving, a delegation, between the delegate, who requests the 
service from the relying party, and a delegator, wherein the digital credential information of the 
delegator corresponds to the delegated credential required for the service requested by the 
delegate. 

16. (Currently Amended) A system for verifying credential information by a relying party,
comprising: 

a service request processing mechanism for processing a service request for a service 
from a user; 

a credential determiner for determining, prior to obtaining credential information, a 
credential requirement based on a type of the service requested by the user; 

a credential information request mechanism for obtaining [[required]] credential information
based on the determined credential requirement [[that is necessary for the service]] from a
delegation credential service provider; and 

a service response generation mechanism for generating a service response based on the 
service request and the required credential information. 

17. (Currently Amended) The system according to claim 16, further comprising including:
[[a credential determiner for determining, prior to obtaining credential information,
required credential information necessary for the service requested by the user; and]]

a credential verification mechanism for verifying the required credential information 
obtained from the delegation credential service provider before the service response is generated. 

18. (Canceled)

19. (Canceled) 

20. (Canceled) 

21. (Canceled) 

22. (Canceled) 

23. (Currently Amended) A machine-accessible medium having encoded thereon, program
code for verifying credential information by a relying party, the program code including
instructions which when executed cause [[encoded with data related to a relying party, the data,
when accessed, causing]]:

receiving, from a delegate, a request for a service; 

determining a credential requirement based on a type of the service requested; 

sending a credential information request to a delegate credential service provider based
on the determined credential requirement;

receiving the requested credential information from the delegate credential service 
provider; 

verifying the credential information; 

generating a service response based on the results from the verifying and the request for 
the service; and 

sending the service response to the delegate. 

24. (Currently Amended) The medium according to claim 23, wherein said sending the 
credential information request includes [[comprises]]:

[[determining the credential required for the services requested;]]

[[generating the credential information request based on the credential required;]]

sending the credential information request to the delegate to obtain an approval; 
receiving the approval from the delegate; and 

sending the credential information request to the delegate credential service provider. 

25. (Currently Amended) The medium according to claim 24, [[the data, when accessed,
further causing]] including program code having instructions which when executed, further cause:

determining, using the determined credential requirement [[required]], an appropriate
delegation based on which the credential information request is constructed. 

26. (Currently Amended) The medium according to claim 25, wherein the determining the 
appropriate delegation includes one of: 

obtaining the appropriate delegation specified in the request for service sent by the 
delegate; 

selecting the appropriate delegation by the delegate upon receiving the credential 
information request for approval; [[and]] or 

verifying the appropriate delegation by the delegate credential service provider. 

27. (Currently Amended) A machine-accessible medium having encoded thereon, program 
code for controlling access to credential information by a delegate credential service provider, 
the program code including instructions which when executed cause [[encoded with data related to
a delegate credential service provider, the data, when accessed, causing]]:

receiving a service request; 

determining the service type based on the service request; 

determining a credential requirement based on the service type of the received service 
request; 

registering, if the service type is for subscribing a digital credential service, a user's 
credential information based on the determined credential requirement for requested digital
credential service; 

registering, if the service type is for delegation service, a delegation between a delegator 
and a delegate, the delegation including delegation terms; 

changing, if the service type is for updating an existing delegation, the terms of an 
existing delegation; and 

providing, if the service request is a credential information request from a relying party for 
digital credential information required for a service requested by a delegate, required credential 
information. 

28. (Currently Amended) The medium according to claim 27, wherein said updating a 
delegation includes [[comprises]]:

receiving, from a user, revised delegation terms; and 
updating the terms of the existing delegation using the revised delegation terms. 

29. (Currently Amended) The medium according to claim 27, wherein said providing 
delegate credential information includes [[comprises]]:

retrieving the required delegated credential; and 
sending the retrieved credential information to the relying party. 

30. (Currently Amended) The medium according to claim 29, [[the data, when accessed,
further causing]] including program code having instructions which when executed, further cause:

determining, prior to the retrieving, a delegation between the delegate, who requests the 
service from the relying party, and a delegator, wherein the digital credential information of the 
delegator corresponds to the credential information required for the service requested by the 
delegate. 